¶ … technology a field study choice. a. The impact mobile devices cybersecurity Courses fulfill General Education Requirements (GERs) UMUC a common theme -- technological transformations.
The preferred device for browsing the web, making purchases, using social media, and emailing is the smartphone. Many people find it is easier to carry a smartphone due to its size. A breeding ground for cyber attacks has resulted from the popularity of mobile devices. Mobile devices like smartphones and tablets have no security software that protects the data held within the device. Mobile devices do not contain the traditional security software like antivirus, encryption, and firewalls found in personal computers. According to Wright, Dawson Jr., and Omar (2003)
the operating system used in mobile phones is not frequently updated, which makes it easy for cyber attackers to use this for their advantage. In the corporate environment, almost all employees use mobile devices. These devices provide the employees with opportunities to increase their effectiveness, but there are significant concerns raised regarding privacy of corporate data. The devices store information retrieved from corporate servers and emails, which would result in serious damage if accessed by an attacker. Many organizations allow employees to access the organization's network using their personal devices. This makes the networks vulnerable to external attacks as the employees might use the devices in other unsecured networks. The devices will access organizational information. This information been stored on the devices is easily accessible to anyone who gains access to the device.
Extensive use of mobile devices
A survey conducted on IT professionals managing corporate networks indicated that a majority of employees were using mobile devices to access corporate networks Goyal & Carter, 2004.
The respondents indicated that there was a broad use of mobile devices within their organizations. This indicates that many people prefer to use their mobile devices at work. The devices used are either personal or company issued. The growth of mobile device has led to the devices been the devices of choice for many employees to access their company emails. The employees prefer using mobile devices as they can retrieve information even when they are not in the office. The employees will access public networks in coffee shops or other places using the same devices. This causes a problem for the IT professionals as the devices are authenticated to access corporate servers. An attacker will use the mobile devices to gain access to sensitive information or corporate secrets.
In case the mobile device is stolen, the thief will have access to the users information, and they can use that information for malicious purposes. The security of mobile devices is limited, and it is easier for the attackers to steal the devices and gain access to all the information stored on the devices. The IT professional does not manage the information stored on the mobile devices. The devices have synchronization facilities that allow the devices to synchronize actively information from the corporate networks. This indicates that if an attacker gains access to a mobile device they will receive information constantly as the device keeps on synchronizing. The attacker could inject scrambled data into the mobile device, which will then be synchronized with the corporate data. This provides the attacker with a way to infect corporate data servers or alter information stored on the servers.
Mobile devices are becoming more vulnerable as attack targets. The use of mobile devices for a variety of activities like accessing emails and online transactions has made them vulnerable to many malicious attacks. The malicious attacks are on the rise with the continual usage of mobile devices. The number of mobile vulnerabilities has risen by almost 42% Leavitt, 2011.
People are using the devices to store...
The attackers are aware of the information stored on the devices, and they are coming up with sophisticated ways to access the information. The use of mobile applications to access social networks allows the devices to store a wealth of personal information. Users are also able to conduct online transactions over wireless networks. These activities require the user to store information on the devices, and any breach on the device would result in huge losses due to the information stored Ruggiero & Foote, 2011()
The vulnerabilities of mobile devices are similar to those personal computers. Since mobile devices are easy to carry, modify, and use they are prone to more attacks then personal computers. The most common attacks that mobile devices face include theft, malware, phishing, or viruses.
Theft of mobile device is very likely since they are small and easy to steal. If a user loses their phone, they could lose their data and any other information stored on the device. The loss could result in the attacker overriding security features of the device and gain access to other services used by the user. Majority of users do not use PIN numbers to protect their phones, which make them easy targets for information theft. All a user needs is to steal the device and quickly access the information before the user can report its loss. With more time, a sophisticated attacker could penetrate the security features of the device and access all the information stored on the device. Many users enable the auto login feature, which would enable the thief to access all their emails or financial information. Many mobile devices do not employ the two-step authentication feature, and this makes it easy for the thief to gain access to sensitive information. Once a person has access to the device, they can access corporate, financial, and private data. The thief could also misuse the device and the user would be held liable for any activities conducted using their stolen device.
Attackers have discovered that there is minimal or no authentication conducted before users install applications on their mobile devices. The attackers have created legitimate looking applications that contain malware. According to Barrera and Van Oorschot (2011)
the applications are disguised as games, utility applications, or security patches. Since the users cannot easily determine the authenticity of the applications, they will not suspect the application, and they will proceed to install. The malware is able to jailbreak the device and allow the attacker to gain root access to the device. With root access, the attacker is able to install other applications that will monitor the user's activities and send the logs to the attacker. The attacker could use the information for malicious purposes. The lack of security software on most devices has made them easy targets for malware attacks.
Phishing is quite easy because all the attackers requires is the victim to click on a malicious link from their email using their mobile device.
Mobile devices are also prone to phishing voice calls and SMS messages. These are attacks targeted towards mobile devices only. Since majority of users access their personal and company emails using their phones, the attackers have developed phishing websites that are geared towards mobile phones. The victim's are not aware of the malicious links since their phones do not have any security software. The phishing website will gather the user's information and send it back to the attacker. The information the attacker accesses could be of a sensitive nature and this could have severe consequences on the victim. E-mail spoofing for mobile devices is the easiest way the attackers can employ. Employing the poor security technologies found on mobile devices, the attackers have managed to trick their victims to click links found on their emails and entering sensitive information. The attackers are aware that users are now accessing and conducting financial transactions using their mobile phones, which has seen them develop phishing applications for mobile devices.
Protecting mobile devices
The proliferation and continual technological advancements for mobile devices will only increase the number of devices and vulnerabilities. Guarding against any mobile device vulnerabilities is easy provided a user understands the implications. The devices should have authentication facilities. This will guard against any unauthorized access to the phone if stolen. The only an attacker would override this feature is by formatting the device, which will erase all the information stored on the device. Activating idle-time screen lock will ensure that the device lock automatically if it is not in use. This will prevent any person from snooping on the mobile device when the user is not around. Screen lock will discourage people from accessing the phone without the user knowing. For sensitive applications, users should have two-factor authentication. Using two-factor authentication will enable the user to conduct sensitive transactions on their mobile devices safely. With two-factor authentication, the user will have to provide the password and information regarding something only the user would know.
When downloading applications, the user should ensure that they verify the applications. VAN ()
posits that assessing the digital signatures of the applications enable the user to confirm the authenticity of the applications. The user has to…
Cyber security, due primarily to globalization has become a profound issue. With the advent of the internet, new threats to privacy and security have arisen. For one, threats have caused data breaches and loss of service for many internet providers. Recently, American banks have become targets of cyber attacks from unknown sources. In many instances, it is difficult to detect the whereabouts of a cyber attack. The anonymity of an
Cyber Security Currently, the internet has become a significant infrastructure, which has brought new degrees of productivity, convenience, and effectiveness for the private and public firms. The many incidents of internet attacks reflect the vulnerability of the information systems, the severity of malicious programs and the offensive nature of technology. Similarly, either attackers can hide their identity, through disabling logging facilities or altering event logs, which makes them go undetected. On
S. Department of Defense (DOD) uses over two million computers and more than ten thousand local area networks, most of which are linked to, and vulnerable to attack from, users of the larger Internet. (2008, p. 276) These increasing threats correspond to the growing reliance on information systems to manage the entire spectrum of modern commerce and energy resources, making the disruption of a single element in the integrated system a
LAUNCH OF MICROSOFT'S ZUNE MP3 PLAYER Dear Sir/Madam, I analyze development launch Microsoft's Zune MP3 player provide logic product unsuccessful. The paper sections: • Introduction - In section outline purpose paper introduce product concept. Development and Launch of Microsoft's Zune MP3 Player This paper discusses the development of Microsoft's Zune MP3 player a digital potable media targeting to rival Apple's iPod market. The application was launched in the market in 2006 and
Traffic Analysis/Homeland Security One of the biggest challenges currently faced by the Department of Homeland Security is guaranteeing cybersecurity. Each and every day some type of cyber crime occurs. Such crimes have the potential to affect the country's national security. This paper investigates the significance of internet traffic and analysis to Homeland Security. It will look at the importance of internet traffic and analysis to Homeland Security as well as encrypted
Hacking the AIS Technological advancements have predisposed many businesses across the globe to challenges related to system manipulation and hacking. Connectivity technology and the internet have eliminated almost all communication barriers that businesses and individuals faced previously. Some of the dangers and risks associated with these advancements include an increase in cyber criminals who invade into the private databases of companies and individuals. For this assignment, I will focus on JP